Re: [RFC 0/4] Add a 'in_mmio' device flag to avoid the DMA to MMIO

[Li Qiang]

Jason Wang <jasowang@redhat.com> 于2020年9月9日周三 上午10:17写道：
>
>
> On 2020/9/9 上午12:41, Li Qiang wrote:
> > Currently the qemu device fuzzer find some DMA to MMIO issue. If the
> > device handling MMIO currently trigger a DMA which the address is MMIO,
> > this will reenter the device MMIO handler. As some of the device doesn't
> > consider this it will sometimes crash the qemu.
> >
> > This patch tries to solve this by adding a per-device flag 'in_mmio'.
> > When the memory core dispatch MMIO it will check/set this flag and when
> > it leaves it will clean this flag.
>
>
> What's the plan for fixing the irq issues pointed out by Peter?
>

Just have a basic idea. Just like this we can add a per-device flag,
'in_mmio' or 'in_emulation'
or some other names. The device need solve the irq handler/mmio and
anything other reenter issue by themself
or they can just check/set/clean this flag. This way we may can define
a principle which Peter mentioned that the device emulation should
obey.



Thanks,
Li Qiang


> Thanks
>
>
> >
> >
> > Li Qiang (4):
> >    memory: add memory_region_init_io_with_dev interface
> >    memory: avoid reenter the device's MMIO handler while processing MMIO
> >    e1000e: use the new memory_region_init_io_with_dev interface
> >    hcd-xhci: use the new memory_region_init_io_with_dev interface
> >
> >   hw/net/e1000e.c        |  8 ++++----
> >   hw/usb/hcd-xhci.c      | 25 ++++++++++++++---------
> >   include/exec/memory.h  |  9 +++++++++
> >   include/hw/qdev-core.h |  1 +
> >   softmmu/memory.c       | 46 +++++++++++++++++++++++++++++++++++++++---
> >   5 files changed, 72 insertions(+), 17 deletions(-)
> >
>